When Joe Biden assumes the presidency 13 days from now, as government grapples with fallout from the SolarWinds breach and a break-in at the U.S. Capitol, veteran intelligence expert Anne Neuberger likely will be by his side as deputy national security advisor for cybersecurity on the National Security Council (NSC).
Naming Neuberger to the newly created position on the NSC underscores the Biden administration’s commitment to prioritize cybersecurity, at a time when “federal cybersecurity leadership has never been more critical to the defense of the United States, as traditional warfare continues to shift to a digital theater,” said Yaniv Bar-Dayan, CEO and cofounder of Vulcan Cyber.
Restoring the cybersecurity position to the NSC is a departure from the Trump administration, which removed this position from the NSC in 2018.
"It is conceivable that the [SolarWinds] Sunburst hack would have been detected much earlier and had a more robust and coordinated response and retaliation had the position been intact,” said Josh Bohls, founder of Inkscreen.
Indeed, Timur Kovalev, chief technology officer at Untangle, says tapping Neuberger “signals that our government is making cybersecurity an important focal point."
That said, she will assume her new role on the heels of John Costello's resignation as deputy assistant secretary for intelligence and security at the Commerce Department, after he said the president incited rioters to storm the U.S. Capitol Wednesday. Also unknown is who will ultimately lead the Cybersecurity and Infrastructure Security Agency. Financial times reports that former director Chris Krebs, who was ousted by Trump, will be working with SolarWinds, alongside Alex Stamos, former chief security officer at Facebook, to coordinate crisis response in the wake of the breach.
The appointment of Neuberger, currently director of the Cybersecurity Directorate at NSA, generated excitement among industry experts like Chloé Messdaghi, chief strategist at Point3 Security, who said it “is a strong signal that diverse voices are going to be heard in the upcoming administration, which is crucial on issues such as the potential federal use of facial recognition and boundaries around it.”
Highly regarded for her chops in both the public and private sectors, Neuberger's work in the financial sector before coming to the federal government "will be important for guiding policy on security and privacy – without restricting commerce,” said Garrett Grajek, CEO at YouAttest.
“I look forward to meeting with her to discuss how we can help make both business and government much more protected from cyberwarfare in 2021 and beyond,” said Intrusion CEO Jack Blount, noting that “to have someone of her caliber and cyberwarfare knowledge is a great opportunity to heighten the attention and focus our government is placing on cybercrime.
Well-versed in Defense Department practices, Neuberger can help navigate the new Cybersecurity Maturity Model Certification (CMMC) guidance “that sets security standards on all Department of Defense contracts and the more than 300,000 contractors, Grajek said.
The appointment is also inspiring for women in the cybersecurity field. “The more we see women in higher offices in cybersecurity, the more we all feel like we can thrive in this complex environment,” said Messdaghi. “She even does side projects that allow women to thrive and be empowered. Her background in policy, civil liberties, and work at NSA is exactly what we need at this time.”